Authentication API call returns a 302 Object Moved / 404 Not Found error. Not clear why?
The curl for the API is:
Response:
302 Object moved
Location: /d2l/error/404/log?targetUrl=<arguments to the curl>
I am not receiving any 4xx response, so I assume that authentication is successful.
However, I cannot determine what/where is "not found".
Appreciate any pointers, thanks!
Answers
-
Hi Eric,
As the docs show, for this call, a 302 response is desired. "302 Found – If success, redirect to provided x_target URL."
Following this logic, my assumption is that a "302 - Object moved" means that the provided x_target URL doesn't exist. The x_target URL in the query string must match the Trusted URL value that is set for the App in Manage Extensibility.
Therefore, can you compare your App's Trusted URL value and compare it to your x_target URL?
If the above doesn't resolve the issue, then the only other thing I can think of would be the encoding of the x_target value in your query string.
Hope this helps...
-
Hi Paul, thanks so much for your response.
I believe the encoding is correct, as when I separately duplicated one of the example code branches and switched the trusted URL with my site's trusted URL, I got the same redirection URL.
However, it is entirely possible that I don't have the accurate value for the Trusted (target) URL. Another party set up the App Id/Keys, and I don't have access to the Manage Extensibility tool.
Interestingly, when I do the initial browser redirect from my site to the D2L site to obtain the authentication tokens, the login page changes the URL. Specifically, it changes the path from /d2l/auth/api/token/ (with parameters x_target, x_a, x_b, and x_state) to /d2l/login/ with two query parameters (sessionExpired and target). I wasn't sure if that's to be expected?
My URL for redirection:
The D2L login page changes the URL to:
-
Hey Eric,
First, please make sure that you work with your Brightspace Admin to determine what the Trusted URL value is for your API App.
I am assuming that you are following this workflow: https://docs.valence.desire2learn.com/basic/auth.html#using-a-third-party-web-application.
Can you confirm if you are developing a custom front-end or back-end integration?
Thanks - Paul
-
Correct, the intent is back-end creation of user accounts, and quiz result retrieval, as well as SSO into the brightspace site.
-
For a back-end integration the easiest approach is for you to use our API Test Tool to harvest the User Id/Key for your service account user. These two articles should really help:
Get your Brightspace Admin to set the Trusted URL of your app to be this: https://apitesttool.desire2learnvalence.com/index.php
Then you will be able to use the Test Tool to harvest the User Id/Key pair.
I hope this helps.
-
According to the brightspace documentation:
Before you dive in to the app registration process, there is one
critical fact to understand: Once you submit an app registration
request, you cannot change any data associated with the resulting
app record. This is includes changing the account associated with
the app record, the name of the app, or the App ID or Key values.
This restriction is made by design, so that approved app records
can't be updated for an unapproved use. Therefore, you must make
a new app registration request in order to receive a new App ID/Key
pair for the updated values.
I would propose that my account is not linked to the App ID/Key/Trusted URL. As far as I know,
my account was created after the App ID/Keys were made.
